A Detroit judge has sentenced “Godfather of Spam” Alan Ralsky to prison following his conviction on multiple crimes.
John Leyden from The Register reports: “Notorious spammer Alan Ralsky has been jailed for more than four years over his role in masterminding a stock fraud spam campaign that made him an estimated $2.7m.
Ralsky, 64, from West Bloomfield, near Detroit, Michigan, was sentenced to 51 months while his son-in-law, Scott Bradley, 48, was imprisoned for 40 months over the same pump and dump stock fraud conspiracy involving thinly-traded stocks.”
Each man pleaded guilty to violating the CAN-SPAM Act, wire fraud, and money laundering. They were sentenced on Monday. Five other co-conspirators will face sentencing hearings today.
The conspirators used a botnet in their “pump and dump” stock fraud. They purchased thinly traded equities at rock-bottom prices. Next, they spammed unsuspecting “investment” victims about the potentially huge returns these stocks would provide. Once the stock price spiked, the conspirators would dump their cheap stocks on the “investment” victims at greatly inflated prices.
“With today’s sentence of the self-proclaimed ‘Godfather of Spam,’ Alan Ralsky, and three others who played central roles in a complicated stock spam pump and dump scheme, the Court has made it clear that advancing fraud through abuse of the Internet will lead to several years in prison,” said US Attorney Terrence Berg for the Eastern District of Michigan.
Ralsky has a history of other spam frauds that have been documented by Spamhaus.
Mailprotector’s service helps to mitigate email threats perpetrated by fraudsters and other evil-doers. Mailprotector prevents spam, viruses, Trojans, phishing attacks and other email-borne malware from reaching your Exchange server, or any mail server, and flooding your users’ inboxes with junk mail. Try us free for 30 days.
Security researchers recently found a Trojan that uses Facebook to communicate with its command and control server. The Trojan malware is being spread via e-mail through “documents (PDF, or MS Office formats) containing exploits for known vulnerabilities,” writes Andrea Lelli, a security analyst with Symantec Security Response. The malware works by contacting the mobile version of Facebook and using its Notes section.
Clues in the title
By analyzing the Trojan’s code, Lelli found that the Trojan will perform four different actions, depending on the titles of the notes it finds. If the title is Wells, the note will contain the timedate stamp for when a machine was infected. If it is WebServer, however, the note will contain a URL that the Trojan contacts to receive commands, Lelli wrote.
“The real command and data processing is done through the remote URL that was received from the notes, and this URL may point anywhere,” Lelli blogged. “However … one could use a Facebook account as a C&C [command and control] server and this Trojan is able to successfully parse the Facebook html data, retrieve the wanted data from it, and also post new data to it (it may for example send stolen data to it in the form of a note in the same [way] as it sends a timedate stamp).”
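For responders, the two note titles described above map directly to indicators. The following is an added example, not code from Symantec or from this blog: it triages notes captured from a suspect account, and the HTML layout, timestamp and URL in it are constructed placeholders rather than Facebook's real markup or real indicators.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed capture: NOT Facebook's real markup, only a stand-in layout
# (one <h3> title followed by one <p> body per note) for this example.
SAMPLE_HTML = """
<div class="note"><h3>Wells</h3><p>2009-11-02 14:31:07</p></div>
<div class="note"><h3>WebServer</h3><p>http://c2.example.test/gate.php</p></div>
<div class="note"><h3>Holiday photos</h3><p>See you all soon!</p></div>
<div class="note"><h3>WebServer</h3><p>not a url</p></div>
"""

class NoteParser(HTMLParser):
    """Collect (title, body) pairs from the assumed h3/p note layout."""
    def __init__(self):
        super().__init__()
        self.notes, self._tag, self._title = [], None, None
    def handle_starttag(self, tag, attrs):
        if tag in ("h3", "p"):
            self._tag = tag
    def handle_endtag(self, tag):
        self._tag = None
    def handle_data(self, data):
        text = data.strip()
        if self._tag == "h3":
            self._title = text
        elif self._tag == "p" and self._title is not None:
            self.notes.append((self._title, text))
            self._title = None

def defang(url):
    """Make a URL non-clickable before it goes into a report or ticket."""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")

def triage(html):
    """Map each note to an indicator using the two titles the article names."""
    parser = NoteParser()
    parser.feed(html)
    findings = []
    for title, body in parser.notes:
        if title == "Wells":            # infection timestamp
            findings.append(("infection_time", body))
        elif title == "WebServer":      # URL the Trojan is told to contact
            parts = urlsplit(body)
            if parts.scheme in ("http", "https") and parts.hostname:
                findings.append(("c2_url", defang(body)))
            else:
                findings.append(("malformed_webserver_note", body))
        else:                           # other titles are not described here
            findings.append(("unclassified", title))
    return findings
```

The defanged `c2_url` values are the ones to feed into proxy and DNS blocklists, since the article notes the real command traffic goes to that URL rather than to Facebook itself.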
The flipside
Social networks have been used to help control malware in the past. In August, Arbor Networks researcher Jose Nazario uncovered a botnet using Twitter to communicate with its army of compromised machines.
About Mailprotector
Mailprotector’s services prevent Trojans, viruses, spam, phishing attacks and other email-borne malware from getting to your inbox and spreading havoc throughout your email infrastructure.
In a recent study, researchers found that small botnets are causing big problems for enterprise networks.
Most botnets are doing more with less
The study tracked more than 600 botnets over a 3-month period. Most of the botnets studied, 57%, consisted of 100 or fewer nodes. 21% of the botnets had 101 to 500 nodes. 17% of the botnets had between 500 and 10,000 nodes. Only 5% of the botnets had more than 10,000 nodes. Whenever we think of botnets, we usually envision thousands of slave PCs being used for nefarious purposes. These smaller botnets are more specific in their targets and are not causing large network disruptions. They are harder to detect as a result. This study sheds new light on the botnet issue.
“Do-it-yourself” botnet kits are readily available
Many of these smaller botnets use tools from DIY kits that can be purchased or downloaded for free from various malware distribution sites. The ability to build tools that lurk on networks gives the hacker tailored applications that specifically target the items and information they want to access. Many of the tools used to craft these applications even have backdoors that were created by the original developer. So now both the hacker who built the custom application and the creator of the original tools used to develop it are collecting information about the enterprise network. Dangerous and scary!
Stop the botnets from attacking
Mailprotector’s services help to protect your email systems from botnets. We keep rogues from sending unwanted spam and malware to your users. We also keep users or rogue accounts within your email systems from sending spam or malware. We’ll even provide you with a free 30-day trial so you can experience botnet-free messaging. Check out our services online or feel free to contact us to learn more.
You can read more details about this study at http://www.eweek.com/c/a/Security/Small-Botnets-Causing-Big-Security-Problems-for-Enterprises-275556/